104.10.56.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): AT&T Corp.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	TCP Port Scanning	2019-11-21 15:18:36

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.10.56.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55076
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.10.56.52.			IN	A

;; AUTHORITY SECTION:
.			421	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112003 1800 900 604800 86400

;; Query time: 451 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 21 15:18:30 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

52.56.10.104.in-addr.arpa domain name pointer 104-10-56-52.lightspeed.sntcca.sbcglobal.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.56.10.104.in-addr.arpa	name = 104-10-56-52.lightspeed.sntcca.sbcglobal.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
77.247.110.202	attackspambots	\[2019-10-08 10:12:34\] NOTICE\[1887\] chan_sip.c: Registration from '\' failed for '77.247.110.202:50625' - Wrong password \[2019-10-08 10:12:34\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-08T10:12:34.838-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="10",SessionID="0x7fc3ac5226d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.202/50625",Challenge="4219c6e2",ReceivedChallenge="4219c6e2",ReceivedHash="00105b10b2762ef2f6e513733147fd7d" \[2019-10-08 10:12:34\] NOTICE\[1887\] chan_sip.c: Registration from '\' failed for '77.247.110.202:50626' - Wrong password \[2019-10-08 10:12:34\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-08T10:12:34.839-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="10",SessionID="0x7fc3ac2ed548",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.202/50626",Chal	2019-10-08 22:32:16
188.215.117.12	attackspambots	The IP address [188.215.117.12] experienced 5 failed attempts when attempting to log into SSH	2019-10-08 22:34:22
220.202.15.68	attackbots	Aug 31 21:02:01 dallas01 sshd[18062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.202.15.68 Aug 31 21:02:02 dallas01 sshd[18062]: Failed password for invalid user abdi from 220.202.15.68 port 29674 ssh2 Aug 31 21:06:37 dallas01 sshd[18847]: Failed password for root from 220.202.15.68 port 62553 ssh2	2019-10-08 22:16:27
187.72.118.191	attackspam	2019-10-08T13:52:52.316612shield sshd\[32115\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.72.118.191 user=root 2019-10-08T13:52:54.285476shield sshd\[32115\]: Failed password for root from 187.72.118.191 port 37590 ssh2 2019-10-08T13:57:49.692910shield sshd\[32578\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.72.118.191 user=root 2019-10-08T13:57:51.435741shield sshd\[32578\]: Failed password for root from 187.72.118.191 port 49698 ssh2 2019-10-08T14:02:46.654963shield sshd\[544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.72.118.191 user=root	2019-10-08 22:11:16
125.46.218.27	attackbots	Unauthorised access (Oct 8) SRC=125.46.218.27 LEN=40 TTL=50 ID=22051 TCP DPT=23 WINDOW=56747 SYN	2019-10-08 22:17:33
45.82.153.34	attack	10/08/2019-10:11:08.315493 45.82.153.34 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-08 22:21:49
139.59.59.194	attackspam	Oct 8 15:01:58 microserver sshd[30576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.194 user=root Oct 8 15:02:00 microserver sshd[30576]: Failed password for root from 139.59.59.194 port 32836 ssh2 Oct 8 15:06:18 microserver sshd[31173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.194 user=root Oct 8 15:06:19 microserver sshd[31173]: Failed password for root from 139.59.59.194 port 44270 ssh2 Oct 8 15:10:35 microserver sshd[31783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.194 user=root Oct 8 15:23:35 microserver sshd[33231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.194 user=root Oct 8 15:23:37 microserver sshd[33231]: Failed password for root from 139.59.59.194 port 33530 ssh2 Oct 8 15:28:02 microserver sshd[33849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid	2019-10-08 22:35:15
181.48.68.54	attack	2019-10-08T13:11:02.836783abusebot-5.cloudsearch.cf sshd\[4104\]: Invalid user khwanjung from 181.48.68.54 port 47862	2019-10-08 22:20:54
43.251.105.205	attackspambots	st-nyc1-01 recorded 3 login violations from 43.251.105.205 and was blocked at 2019-10-08 11:54:22. 43.251.105.205 has been blocked on 0 previous occasions. 43.251.105.205's first attempt was recorded at 2019-10-08 11:54:22	2019-10-08 22:18:02
138.197.89.212	attackbotsspam	Oct 8 15:05:44 tuxlinux sshd[18038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.89.212 user=root Oct 8 15:05:46 tuxlinux sshd[18038]: Failed password for root from 138.197.89.212 port 40760 ssh2 Oct 8 15:05:44 tuxlinux sshd[18038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.89.212 user=root Oct 8 15:05:46 tuxlinux sshd[18038]: Failed password for root from 138.197.89.212 port 40760 ssh2 Oct 8 15:22:49 tuxlinux sshd[18334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.89.212 user=root ...	2019-10-08 22:37:35
220.250.30.254	attackbotsspam	Aug 24 19:36:13 dallas01 sshd[28536]: Failed password for root from 220.250.30.254 port 55316 ssh2 Aug 24 19:36:15 dallas01 sshd[28434]: Failed password for root from 220.250.30.254 port 54384 ssh2 Aug 24 19:36:15 dallas01 sshd[28434]: error: maximum authentication attempts exceeded for root from 220.250.30.254 port 54384 ssh2 [preauth] Aug 24 19:36:16 dallas01 sshd[28536]: Failed password for root from 220.250.30.254 port 55316 ssh2 Aug 24 19:36:18 dallas01 sshd[28536]: Failed password for root from 220.250.30.254 port 55316 ssh2 Aug 24 19:36:18 dallas01 sshd[28536]: error: maximum authentication attempts exceeded for root from 220.250.30.254 port 55316 ssh2 [preauth]	2019-10-08 21:57:39
113.172.0.33	attack	ssh bruteforce or scan ...	2019-10-08 22:14:35
23.129.64.195	attackspambots	2019-10-08T13:43:35.523106abusebot.cloudsearch.cf sshd\[19005\]: Invalid user admin from 23.129.64.195 port 51052	2019-10-08 22:06:10
222.186.175.140	attackspambots	Oct816:16:17server6sshd[27160]:refusedconnectfrom222.186.175.140\(222.186.175.140\)Oct816:16:17server6sshd[27161]:refusedconnectfrom222.186.175.140\(222.186.175.140\)Oct816:16:17server6sshd[27162]:refusedconnectfrom222.186.175.140\(222.186.175.140\)Oct816:16:18server6sshd[27163]:refusedconnectfrom222.186.175.140\(222.186.175.140\)Oct816:25:03server6sshd[27800]:refusedconnectfrom222.186.175.140\(222.186.175.140\)	2019-10-08 22:28:53
131.0.160.199	attack	Lines containing failures of 131.0.160.199 Oct 7 05:00:32 shared04 sshd[23934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.0.160.199 user=r.r Oct 7 05:00:34 shared04 sshd[23934]: Failed password for r.r from 131.0.160.199 port 55752 ssh2 Oct 7 05:00:34 shared04 sshd[23934]: Received disconnect from 131.0.160.199 port 55752:11: Bye Bye [preauth] Oct 7 05:00:34 shared04 sshd[23934]: Disconnected from authenticating user r.r 131.0.160.199 port 55752 [preauth] Oct 7 05:12:41 shared04 sshd[27678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.0.160.199 user=r.r Oct 7 05:12:44 shared04 sshd[27678]: Failed password for r.r from 131.0.160.199 port 36746 ssh2 Oct 7 05:12:45 shared04 sshd[27678]: Received disconnect from 131.0.160.199 port 36746:11: Bye Bye [preauth] Oct 7 05:12:45 shared04 sshd[27678]: Disconnected from authenticating user r.r 131.0.160.199 port 36746 [preauth........ ------------------------------	2019-10-08 21:56:04

最近上报的IP列表

106.75.6.229	87.154.248.245	168.232.131.61	36.37.127.154
93.143.201.242	85.200.62.240	94.23.153.35	157.247.23.113
234.2.10.244	183.251.92.29	150.103.244.202	177.132.246.251
28.141.144.230	236.211.35.239	41.251.144.98	94.23.21.52
77.222.63.86	37.120.145.161	176.109.243.88	172.58.19.107